- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Tue, 30 Jul 2019 12:03:00 -0400
- To: Henry Story <henry.story@gmail.com>, Credentials Community Group <public-credentials@w3.org>
- Cc: Manu Sporny <msporny@digitalbazaar.com>
On 7/30/19 8:23 AM, Henry Story wrote: > > >> On 30 Jul 2019, at 13:16, Henry Story <henry.story@gmail.com >> <mailto:henry.story@gmail.com>> wrote: >> >> Would it be possible to make a minor extension to HttpSignature >> so that one can use https WebIDs [0] just as a way to get a simple >> thing going? That could be completely compatible with DIDs, but >> would allow one to get going in cases where one does not need >> all of the extra goodies that DIDs give one. >> >> I did some work on that to implement a server side HTTP-Signatures >> and before that I worked on how one could use JS Crypto to create >> keys in the browser. > > > Actually I think one could get the two to get quite close by adding a > notion of a KeyId ie perhaps an URI for a key that could be linked to > a WebID. One could then have > > - https:// KeyIds. These could be located in the WebID Profile, > in a different document on the same server, or perhaps even on > a different server. > - or dids. > > A WebID could point to the KeyID or DID (or perhaps these are > the same?), and authentication using Https Signature could then > pass both in the header. The DID for authentication, the WebID for > social network type identifier, and the link from the WebID to the > Did/KeyId in the Profile Document would be the proof. My understanding is that HTTP signatures already supports something like WebID-style authentication. Just use a URI for the `keyId` parameter. We already use HTTP signatures in conjunction with LD proofs and DIDs. To my knowledge, it wouldn't work any differently if the `keyId` pointed at a key that resolved to a document that referenced a WebID as its `controller`. You'd then dereference that WebID to ensure its profile document had an appropriate back link to the key. (This is generally how LD proofs work, so it is agnostic to DIDs or WebIDs). > > Henry > >> >> Henry >> >> [0] https://www.w3.org/2005/Incubator/webid/spec/identity/ >> [1] https://github.com/read-write-web/akka-http-signature >> [2] https://github.com/read-write-web/solid-client >> >>> On 30 Jul 2019, at 04:22, Manu Sporny <msporny@digitalbazaar.com >>> <mailto:msporny@digitalbazaar.com>> wrote: >>> >>> On 7/29/19 1:35 PM, Joe Andrieu wrote: >>>> TL;DR What’s after DIDs? >>> >>> From a technical standards perspective, these are currently pain points >>> for Digital Bazaar and our customers that seem like we might be able to >>> collaborate on with other developers / companies in this group: >>> >>> * True multi-DID interop >>> * True multi-wallet/issuer/verifier interop >>> * Collaboration on the Credential Handler API >>> * Linked Data Proofs/Signatures (W3C WGs for these) >>> * Secure Data Hubs (or, how do we make storage privacy-aware >>> and self-sovereign) >>> * Verifiable Credentials 1.1 (we're not done yet) >>> * Verifiable Credentials Extensions >>> * VC/DID/LDP Registries >>> >>> There are non-technical things we should do as well: >>> >>> * Non-Violent Communication (and other approaches) to mend some of the >>> damage across the identity community >>> * Field Work - More Use Cases from real people/customers >>> * Bite sized material to communicate our work to the general public >>> >>> -- manu >>> >>> -- >>> Manu Sporny (skype: msporny, twitter: manusporny) >>> Founder/CEO - Digital Bazaar, Inc. >>> blog: Veres One Decentralized Identifier Blockchain Launches >>> https://tinyurl.com/veres-one-launches >>> >> > -- Dave Longley CTO Digital Bazaar, Inc. http://digitalbazaar.com
Received on Tuesday, 30 July 2019 16:03:32 UTC